US20100212017A1 - System and method for efficient trust preservation in data stores - Google Patents
System and method for efficient trust preservation in data stores Download PDFInfo
- Publication number
- US20100212017A1 US20100212017A1 US12/388,422 US38842209A US2010212017A1 US 20100212017 A1 US20100212017 A1 US 20100212017A1 US 38842209 A US38842209 A US 38842209A US 2010212017 A1 US2010212017 A1 US 2010212017A1
- Authority
- US
- United States
- Prior art keywords
- data
- root
- tcb
- hash
- trustworthiness
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
- 238000000034 method Methods 0.000 title claims abstract description 23
- 238000004321 preservation Methods 0.000 title 1
- 230000006870 function Effects 0.000 claims description 14
- 238000004590 computer program Methods 0.000 claims description 7
- 238000013459 approach Methods 0.000 description 5
- 238000004891 communication Methods 0.000 description 4
- 230000001105 regulatory effect Effects 0.000 description 4
- 230000033228 biological regulation Effects 0.000 description 3
- 230000003287 optical effect Effects 0.000 description 3
- 230000008569 process Effects 0.000 description 3
- 238000012545 processing Methods 0.000 description 3
- 238000012795 verification Methods 0.000 description 3
- 238000012550 audit Methods 0.000 description 2
- 238000010276 construction Methods 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000014759 maintenance of location Effects 0.000 description 2
- 239000004065 semiconductor Substances 0.000 description 2
- 238000013479 data entry Methods 0.000 description 1
- 238000013524 data verification Methods 0.000 description 1
- 230000037406 food intake Effects 0.000 description 1
- 230000036541 health Effects 0.000 description 1
- 238000003780 insertion Methods 0.000 description 1
- 230000037431 insertion Effects 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000013508 migration Methods 0.000 description 1
- 230000005012 migration Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000011084 recovery Methods 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
- G06F21/645—Protecting data integrity, e.g. using checksums, certificates or signatures using a third party
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/008—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2105—Dual mode as a secondary aspect
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2145—Inheriting rights or properties, e.g., propagation of permissions or restrictions within a hierarchy
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/30—Compression, e.g. Merkle-Damgard construction
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/60—Digital content management, e.g. content distribution
Definitions
- the present invention relates generally to data authentication, and in particular, to storing data on an untrusted machine and preserving the trustworthiness efficiently by minimizing the resource usage on a trusted computing base.
- Vendors have provided a number of WORM (Write-Once Read-Many) solutions to help manage data.
- WORM Write-Once Read-Many
- Earlier versions rely on physical WORM media, such as CD-R and optical-magnetic technology. Due to performance and cost considerations, they have been replaced by recent WORM offerings which use standard rewritable hard drives but enforce the WORM properties through software.
- the protection offered by these systems is often limited, especially in the regulatory compliance environment where chances for insider attacks are quite high.
- Previous high-profile industry scandals have shown that the ones who are motivated to tamper with existing data are often high level executives trying to erase evidence or cover up their wrongdoings. Not only do they have physical and administrative access to the data systems, the high stakes involved provide incentives for launching sophisticated and resourceful attacks.
- Preserving the trustworthiness of fixed-content data records is typically straight-forward.
- One simple approach is to compute a secure one-way hash of the content and attributes of the data record, and have the trusted computing base (TCB) sign it using its private key, for example, Sign(H(data), H(metadata), timestamp).
- TDB trusted computing base
- Sign(H(data), H(metadata), timestamp) Such a signature can then be used later to verify the integrity of the data record and its creation time.
- the metadata typically includes some retention attributes that specifies when the object will expire so the signature can be used to verify whether the object is deleted legitimately. If we want to minimize the information that needs to be maintained after an object is removed, the signature can be slightly modified to be: Sign(H(data), H(metadata—retention attr), retention attr, timestamp). Better efficiency can be achieved by grouping hashes of newly created data records together and have the TCB generate one signature for the whole batch.
- Metadata structure such as directories and search indexes.
- these meta-data structures need to be updated frequently as data objects are inserted or removed. This introduces additional vulnerability since now instead of tampering with the data directly, an adversary could also tamper with the metadata structure to hide information or point the auditor in the wrong direction.
- Recent research works have proposed efficient append-only metadata structures that are suitable to be stored on WORM storage.
- the dynamic nature of metadata structures makes it much more challenging to preserve their trustworthiness efficiently.
- a simple example of an append-only data structure is an audit log which is organized based on file IDs (or file names). The whole log can be divided into many append-only segments, one for each file.
- a common type of query for audit logs in regulatory compliance environments is to retrieve all the log entries corresponding to a specified file. To meet the integrity to completeness requirements in such a query, we need to be able to prove the number of log entries contained is correct and up-to-date, and the integrity of each log entry.
- the number of hashes required by such metadata structures would far exceed the capacity of the secure storage inside the TCB and therefore would have to be stored on the main system which is untrusted.
- the TCB could encrypt or sign these hashes to prevent them from being tampered with.
- the TCB would be presented with the current content of the page, the current signature and the update.
- the TCB would then verify that the content matches the signature and the update, and would then verify that the update is legitimate.
- this does not prevent an adversary from launching a “replay” attack by submitting an earlier version of the page content/signature with an update, effectively hiding existing data. Therefore, although the TCB does not have room to store individual state information for each page, it has to somehow “remember” the current version of each page.
- a conventional approach to authenticate a large dynamic data structure is to use a Merkle hash tree.
- the Merkle hash tree is a binary tree, where each leaf of the tree contains the hash of a data value, and each internal node of the tree contains the hash of its two children.
- the verification of data values is based on the fact that the root of the Merkle hash tree is authenticated either through a trusted party or a digital signature.
- the prover has to send the verifier the data value itself together with values stored in the siblings of nodes on the path from the data value to the root of the Merkle tree.
- the verifier can iteratively compute the hash values of nodes on the path from the data value to the root.
- the verifier can then check if the computer root value matches the authenticated root value.
- the security of the Merkle tree is based on the collision resistance of the hash function; an adversary who can successfully authenticate a bogus data value must have a hash collision in at least one node on the path from the data value to the root.
- the TCB only needs to maintain the root of the tree in its secure memory. The price for solving the storage problem, however, is higher computation and communication overhead for the TCB.
- the amount of computation and the size of the verification object (VO) is now log(N), where N is the total number of pages. In a large archive system with high object ingestion rate and where each object insertion could trigger a number of metadata updates (e.g., full-text indexes), the TCB could easily be overwhelmed.
- the invention provides a method and system for preserving trustworthiness of data, the method includes storing data on an untrusted system, and committing the data to a trusted computing base (TCB).
- the committing includes upon an end of a predetermined time interval, transmitting a constant size authentication data from the untrusted system to the TCB, and the TCB preserving trustworthiness of the authentication data based on performing a single hash operation of a first root and a second root of a general hash tree representing authenticated data.
- Another embodiment involves a system for preserving trustworthiness of data.
- the system comprising: at least one untrusted module configured to store data, and a trusted computing base (TCB) module coupled to the untrusted module.
- the TCB configured to authenticate the data, wherein upon an end of a predetermined time interval, the untrusted module transmits a constant size authentication data to the TCB for commitment, and the TCB preserves trustworthiness of the authentication data based on performing a single hash operation of a first root and a second root of a general hash tree representing authenticated data.
- Yet another embodiment involves a computer program product for preserving trustworthiness of data that causes a computer to store data on an untrusted system, and commit the data to a trusted computing base (TCB).
- the commit further causes the computer to: upon an end of a predetermined time interval, transmit constant size authentication data from the untrusted system to the TCB, and the TCB preserves trustworthiness of the authentication data based on performing a single hash operation of a first root and a second root of a general hash tree representing authenticated data.
- FIG. 1 illustrates a trusted system according to one embodiment of the invention
- FIG. 2 illustrates a distributed trusted system according to an embodiment of the invention
- FIG. 3 illustrates a general tree structure for representing authenticated data according to an embodiment of the invention.
- FIG. 4 illustrates a block diagram of a process for authenticating data according to an embodiment of the invention.
- the description may disclose several preferred embodiments for preserving trustworthiness of data while reducing the computations required by a trusted computing base, as well as operation and/or component parts thereof. While the following description will be described in terms of authentication of data and devices for clarity and to place the invention in context, it should be kept in mind that the teachings herein may have broad application to all types of systems, devices and applications.
- the invention provides a method and system for preserving trustworthiness of data, the method includes storing data on an untrusted system, and committing the data to a trusted computing base (TCB).
- the committing includes, upon an end of a predetermined time interval, transmitting a constant size authentication data from the untrusted system to the TCB, and the TCB preserving trustworthiness of the authentication data based on performing a single hash operation of a first root and a second root of a general hash tree representing authenticated data.
- FIG. 1 illustrates a system 100 including a separate Trusted Computing Base (TCB) 110 and an untrusted system module 120 .
- System 100 reduces the storage, computation and communication overhead on the TCB 110 as O( 1 ) (having a single operation overhead). Assuming that there are m updates to N unique metadata pages in a batch (multiple updates to the same page within a batch can be combined as one), where a straight-forward Merkle tree approach incurs computation and communication overhead of O(m ⁇ log N) on the TCB 110 .
- a general hash tree is used as an authenticated data structure (shown in FIG. 3 ) on TCB 110 .
- Each internal node of the GHT is computed as the hash of its two children nodes.
- V i 1 i 2 H i (V j 1 j 2 , V k 1 k 2 ) where V j 1 j 2 and V k 1 k 2 are the two children nodes of V i 1 i 2 .
- RSA Rivest-Shamir algorithm
- a tag value and an exponent value are defined for each node in the GHT.
- the tag value of an internal node is defined as the product of the tag values of its two children.
- the exponent value of a node is defined as the tag value of its sibling.
- the tag values of V 1 and V 2 are e 1 and e 2 respectively, and the tag value for V 12 is e 1 e 2 .
- the exponent values of V 1 and V 2 are e 2 and e 1 respectively, and the exponent value of V 12 is e 3 e 4 .
- l 1 is defined as the exponent value of V i 1 i 2 's left child and r i as the exponent of V i 1 i 2 's right child.
- the way the exponent values are generated has the following property.
- the exponents of the siblings of nodes on the path from the leaf V 1 to the root are defined as E 1 , E 2 , . . . , E ht , respectively.
- the greatest common denominator (gcd) gcd (E 1 , E 2 , . . . , E ht ) e i .
- V i H 0 (H 0 ( . . . H 0 (H 0 (h(D i1 ), h(D i2 )), h(D i3 )) . . .
- H 0 (x,y) xy e0 mod n and e 0 is a distinct prime number from ⁇ e 1 , e 2 , . . . , e N ⁇ . Therefore, that H 0 ⁇ H.
- the untrusted system module 120 needs to submit only a constant size of authentication data to the TCB 110 at the end of each interval.
- V 1 and V 2 H 1 (V 1 ,V 2 ).
- the new parent is computed as:
- the new root R t+1 is computed based on the old root R t and the root r t of a new GHT, where the leaves are the hashes of the new log entries.
- the work of computing r t is handled by the untrusted system module 120 .
- the untrusted system module 120 computes r t and transmits to the TCB 110 .
- the TCB 110 then removes the old root R t and stores the new root R t+1 .
- the construction of the verification object (VO) is similar to that in the Merkle tree.
- the untrusted system module 120 returns the siblings of all nodes on the path from V i to the root, together with the data relating to the i-th metadata page.
- a verifier in the untrusted system module 120 can reconstruct the general hash tree and compute the root of the general hash tree. The verifier can then obtain the value of the root obtained from the TCB 110 and compare it with the computed root value. The verifier accepts if and only if these two values match.
- Table I shows the complexity of one embodiment (in the “our app.” row) compared with that of the Merkle tree based approach (in the “MT app.” row), assuming that updates can be batched and the number of updates in a batch is m, the total number of pages in the data structure is N.
- the verification time and VO size refer to the computation and communication overhead for verifying the correctness of a single page.
- FIG. 2 illustrates a distributed system 200 according to one embodiment.
- the system 200 is a distributed network, including a plurality of untrusted system modules 1 210 to N 220 , and a TCB 110 that authenticates data on all untrusted system modules in system 200 .
- FIG. 4 illustrates a block diagram of an authentication process 400 .
- Process 400 begins with block 410 where data is first stored on an untrusted system module, such as system module 120 .
- authentication data is transmitted to a TCB, such as TCB 110 .
- a commit operation (as described above) is performed for the authentication data between an untrusted system module and a TCB, such as TCB 110 . Therefore data and metadata are stored and the trustworthiness is preserved efficiently by minimizing the resource usage on the TCB. In this embodiment, most of the computations are handled by the untrusted system module.
- the embodiments of the invention can take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment containing both hardware and software elements.
- the invention is implemented in software, which includes but is not limited to firmware, resident software, microcode, etc.
- the embodiments of the invention can take the form of a computer program product accessible from a computer-usable or computer-readable medium providing program code for use by or in connection with a computer, processing device, or any instruction execution system.
- a computer-usable or computer readable medium can be any apparatus that can contain, store, communicate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device.
- the medium can be electronic, magnetic, optical, or a semiconductor system (or apparatus or device).
- Examples of a computer-readable medium include, but are not limited to, a semiconductor or solid state memory, magnetic tape, a removable computer diskette, a RAM, a read-only memory (ROM), a rigid magnetic disk, an optical disk, etc.
- Current examples of optical disks include compact disk-read only memory (CD-ROM), compact disk-read/write (CD-R/W) and DVD.
- I/O devices can be connected to the system either directly or through intervening controllers.
- Network adapters may also be connected to the system to enable the data processing system to become connected to other data processing systems or remote printers or storage devices through intervening private or public networks. Modems, cable modem and Ethernet cards are just a few of the currently available types of network adapters.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Software Systems (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computing Systems (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Storage Device Security (AREA)
Abstract
Description
- 1. Field of the Invention
- The present invention relates generally to data authentication, and in particular, to storing data on an untrusted machine and preserving the trustworthiness efficiently by minimizing the resource usage on a trusted computing base.
- 2. Background Information
- Today's information is increasingly stored electronically. While digital data records are easy to store and convenient to retrieve, they are also relatively easy to be tampered with without being detected. Given the amount of critical information stored in digital form, the importance of ensuring that such information is trustworthy and credible can never be overestimated. One area where being able to preserve and verify the trustworthiness is of particular importance is regulatory compliance. As the number and scope of recordkeeping regulations such as SEC rule 17-4a and HIPAA (Health Insurance Portability and Accountability Act) grow, today's businesses are facing a higher degree of regulation and accountability than ever. Failure to comply with such regulations could result in hefty fines and jail sentences.
- Vendors have provided a number of WORM (Write-Once Read-Many) solutions to help manage data. Earlier versions rely on physical WORM media, such as CD-R and optical-magnetic technology. Due to performance and cost considerations, they have been replaced by recent WORM offerings which use standard rewritable hard drives but enforce the WORM properties through software. However, the protection offered by these systems is often limited, especially in the regulatory compliance environment where chances for insider attacks are quite high. Previous high-profile industry scandals have shown that the ones who are motivated to tamper with existing data are often high level executives trying to erase evidence or cover up their wrongdoings. Not only do they have physical and administrative access to the data systems, the high stakes involved provide incentives for launching sophisticated and resourceful attacks.
- Existing solutions are not secure because: (1) software protection is based on the assumption that the adversary can not break into the system, and securing a large/complicated software system is difficult; (2) having physical access means that the attacker may access the storage device directly, bypassing all the protection mechanisms; (3) data migration, which is needed in cases such as upgrading to new systems or disaster recovery, may create windows of vulnerability; (4) solutions based on CAS (Content Addressed Storage) technology are simply pushing the problem to a higher level since the CAS are often managed by untrusted systems; (5) existing solutions focus on protecting reference data, but not metadata structures, and (6) even if the systems are secure, they do not provide a means for an auditor to verify the correctness of data, therefore unless the auditor has direct access to the data system, which is often not the case, the result produced by a query could be altered before it reaches the requester.
- Preserving the trustworthiness of fixed-content data records is typically straight-forward. One simple approach is to compute a secure one-way hash of the content and attributes of the data record, and have the trusted computing base (TCB) sign it using its private key, for example, Sign(H(data), H(metadata), timestamp). Such a signature can then be used later to verify the integrity of the data record and its creation time. For regulatory compliance, the metadata typically includes some retention attributes that specifies when the object will expire so the signature can be used to verify whether the object is deleted legitimately. If we want to minimize the information that needs to be maintained after an object is removed, the signature can be slightly modified to be: Sign(H(data), H(metadata—retention attr), retention attr, timestamp). Better efficiency can be achieved by grouping hashes of newly created data records together and have the TCB generate one signature for the whole batch.
- However, given the huge amount of data in today's information systems, data are typically accessed through some form of metadata structure such as directories and search indexes. Unlike fixed-content data objects, these meta-data structures need to be updated frequently as data objects are inserted or removed. This introduces additional vulnerability since now instead of tampering with the data directly, an adversary could also tamper with the metadata structure to hide information or point the auditor in the wrong direction. Recent research works have proposed efficient append-only metadata structures that are suitable to be stored on WORM storage. However, the dynamic nature of metadata structures makes it much more challenging to preserve their trustworthiness efficiently. Simply computing a one-way hash for the whole metadata structure would be prohibitively expensive as each update has to be verified by the TCB (unlike with fixed-content objects, the TCB cannot blindly sign or store a new hash for a dynamic metadata structure without verifying the legitimacy of the update).
- A simple example of an append-only data structure is an audit log which is organized based on file IDs (or file names). The whole log can be divided into many append-only segments, one for each file. A common type of query for audit logs in regulatory compliance environments is to retrieve all the log entries corresponding to a specified file. To meet the integrity to completeness requirements in such a query, we need to be able to prove the number of log entries contained is correct and up-to-date, and the integrity of each log entry.
- Using an append-only data structure such as the ones mentioned above, we can break down a metadata structure into many small pieces (called pages), each being append-only. While this allows the TCB to more efficiently verify whether an update on an individual piece is valid by checking whether the update overwrites any existing data in the page by maintaining a separate hash for each unit, this approach is not storage-efficient for the TCB.
- Given the size of today's data set, the number of hashes required by such metadata structures would far exceed the capacity of the secure storage inside the TCB and therefore would have to be stored on the main system which is untrusted. The TCB could encrypt or sign these hashes to prevent them from being tampered with. During each update, the TCB would be presented with the current content of the page, the current signature and the update. The TCB would then verify that the content matches the signature and the update, and would then verify that the update is legitimate. However, this does not prevent an adversary from launching a “replay” attack by submitting an earlier version of the page content/signature with an update, effectively hiding existing data. Therefore, although the TCB does not have room to store individual state information for each page, it has to somehow “remember” the current version of each page.
- A conventional approach to authenticate a large dynamic data structure is to use a Merkle hash tree. The Merkle hash tree is a binary tree, where each leaf of the tree contains the hash of a data value, and each internal node of the tree contains the hash of its two children. The verification of data values is based on the fact that the root of the Merkle hash tree is authenticated either through a trusted party or a digital signature. To verify the authenticity of a data value, the prover has to send the verifier the data value itself together with values stored in the siblings of nodes on the path from the data value to the root of the Merkle tree. The verifier can iteratively compute the hash values of nodes on the path from the data value to the root. The verifier can then check if the computer root value matches the authenticated root value. The security of the Merkle tree is based on the collision resistance of the hash function; an adversary who can successfully authenticate a bogus data value must have a hash collision in at least one node on the path from the data value to the root. Using a Merkle tree, the TCB only needs to maintain the root of the tree in its secure memory. The price for solving the storage problem, however, is higher computation and communication overhead for the TCB. Now for each page update, the amount of computation and the size of the verification object (VO) is now log(N), where N is the total number of pages. In a large archive system with high object ingestion rate and where each object insertion could trigger a number of metadata updates (e.g., full-text indexes), the TCB could easily be overwhelmed.
- The invention provides a method and system for preserving trustworthiness of data, the method includes storing data on an untrusted system, and committing the data to a trusted computing base (TCB). The committing includes upon an end of a predetermined time interval, transmitting a constant size authentication data from the untrusted system to the TCB, and the TCB preserving trustworthiness of the authentication data based on performing a single hash operation of a first root and a second root of a general hash tree representing authenticated data.
- Another embodiment involves a system for preserving trustworthiness of data. The system comprising: at least one untrusted module configured to store data, and a trusted computing base (TCB) module coupled to the untrusted module. The TCB configured to authenticate the data, wherein upon an end of a predetermined time interval, the untrusted module transmits a constant size authentication data to the TCB for commitment, and the TCB preserves trustworthiness of the authentication data based on performing a single hash operation of a first root and a second root of a general hash tree representing authenticated data.
- Yet another embodiment involves a computer program product for preserving trustworthiness of data that causes a computer to store data on an untrusted system, and commit the data to a trusted computing base (TCB). The commit further causes the computer to: upon an end of a predetermined time interval, transmit constant size authentication data from the untrusted system to the TCB, and the TCB preserves trustworthiness of the authentication data based on performing a single hash operation of a first root and a second root of a general hash tree representing authenticated data.
- Other aspects and advantages of the present invention will become apparent from the following detailed description, which, when taken in conjunction with the drawings, illustrate by way of example the principles of the invention.
- For a fuller understanding of the nature and advantages of the invention, as well as a preferred mode of use, reference should be made to the following detailed description read in conjunction with the accompanying drawings, in which:
-
FIG. 1 illustrates a trusted system according to one embodiment of the invention; -
FIG. 2 illustrates a distributed trusted system according to an embodiment of the invention; -
FIG. 3 illustrates a general tree structure for representing authenticated data according to an embodiment of the invention; and -
FIG. 4 illustrates a block diagram of a process for authenticating data according to an embodiment of the invention. - The following description is made for the purpose of illustrating the general principles of the invention and is not meant to limit the inventive concepts claimed herein. Further, particular features described herein can be used in combination with other described features in each of the various possible combinations and permutations. Unless otherwise specifically defined herein, all terms are to be given their broadest possible interpretation including meanings implied from the specification as well as meanings understood by those skilled in the art and/or as defined in dictionaries, treatises, etc.
- The description may disclose several preferred embodiments for preserving trustworthiness of data while reducing the computations required by a trusted computing base, as well as operation and/or component parts thereof. While the following description will be described in terms of authentication of data and devices for clarity and to place the invention in context, it should be kept in mind that the teachings herein may have broad application to all types of systems, devices and applications.
- The invention provides a method and system for preserving trustworthiness of data, the method includes storing data on an untrusted system, and committing the data to a trusted computing base (TCB). The committing includes, upon an end of a predetermined time interval, transmitting a constant size authentication data from the untrusted system to the TCB, and the TCB preserving trustworthiness of the authentication data based on performing a single hash operation of a first root and a second root of a general hash tree representing authenticated data.
-
FIG. 1 illustrates asystem 100 including a separate Trusted Computing Base (TCB) 110 and anuntrusted system module 120.System 100 reduces the storage, computation and communication overhead on theTCB 110 as O(1) (having a single operation overhead). Assuming that there are m updates to N unique metadata pages in a batch (multiple updates to the same page within a batch can be combined as one), where a straight-forward Merkle tree approach incurs computation and communication overhead of O(mlog N) on theTCB 110. - In one embodiment, a general hash tree (GHT) is used as an authenticated data structure (shown in
FIG. 3 ) onTCB 110. The total number of pages in the metadata structure is represented as N (inFIG. 3 , N=4) and the metadata pages are represented as P1, P2, . . . , PN. TCB 110 builds a general hash tree (GHT) where the i-th leaf stores information relating to the i-th metadata page (i=1, 2, . . . , N). The height of the general hash tree is denoted as ht=log N. Each internal node of the GHT is computed as the hash of its two children nodes. However, unlike a Merkle tree where the same hash function is used throughout the tree, different hash functions are applied at different internal nodes in the GHT according to one embodiment. The value of an internal node is represented as Vi1 i2 and the hash function for computing Vi1 i2 is represented as Hi. In other words, Vi1 i2 is computed as Vi1 i2 =Hi(Vj1 j2 , Vk1 k2 ) where Vj1 j2 and Vk1 k2 are the two children nodes of Vi1 i2 . - In one embodiment, the hash functions used for computing the internal nodes belong to a homomorphic hashing family {H} that satisfies the following homomorphic property: Hj(Hi(x0,y0), Hi(x1,y1))=Hi(Hj(x0,x1), Hj(y0,y1)) for any Hi, Hjε H. In one embodiment, we define H1(x,y)=fl1(x)fr1(y), where fy(x)=xy mod n, a homomorphic hash function based on the Rivest-Shamir algorithm (RSA) assumption where n is the RSA modulus. It is straight-forward to prove that such a hashing family satisfies the above homomorphic property.
- Next it is shown how the parameters {li, ri} used in a particular hash function Hi are generated. In one embodiment a tag value and an exponent value are defined for each node in the GHT. The tag value of the i-th leaf is defined to be e1 (i=1, 2, . . . , N), where e1 belongs to a set of distinct prime numbers {e1, e2, . . . , eN}. The tag value of an internal node is defined as the product of the tag values of its two children. Finally, the exponent value of a node is defined as the tag value of its sibling.
- In the example illustrated in
FIG. 3 , the tag values of V1 and V2 are e1 and e2 respectively, and the tag value for V12 is e1e2. The exponent values of V1 and V2 are e2 and e1 respectively, and the exponent value of V12 is e3e4. Next, l1 is defined as the exponent value of Vi1 i2 's left child and ri as the exponent of Vi1 i2 's right child. The way the exponent values are generated has the following property. In one embodiment, the exponents of the siblings of nodes on the path from the leaf V1 to the root are defined as E1, E2, . . . , Eht, respectively. In one embodiment, the greatest common denominator (gcd) gcd (E1, E2, . . . , Eht)=ei. - Finally, we determine the values stored at the leaves of the general hash tree. The time is divided into time intervals. The
untrusted system module 120 communicates with theTCB 110 at the end of each interval. Let n(i) denote the number of data blocks relating to the i-th metadata page up to the end of an interval and that data entries are Di1, Di2, . . . , Din(i). The value stored at the i-th leaf is Vi, which is computed as Vi=H0(H0( . . . H0(H0(h(Di1), h(Di2)), h(Di3)) . . . ), h(Din(1))), where H0(x,y)=xye0 mod n and e0 is a distinct prime number from {e1, e2, . . . , eN}. Therefore, that H0 ε H. - In one embodiment, the
untrusted system module 120 needs to submit only a constant size of authentication data to theTCB 110 at the end of each interval. In one embodiment, two leaves of the general hash tree are defined as V1 and V2 with their parent being V12=H1(V1,V2). For two new data d1 and d2 and the new parent of the two leaves is computed. We denote v1=h(d1) and v2=h(d2). The new parent is computed as: -
- where v12=H1(v1,v2).
- The root of the GHT is iteratively computed in this manner and the new root of the GHT is computed as Rt+1=H0(Rt,rt) where Rt+1 is the root of the GHT and the end of the interval t+1, Rt is the root of the GHT at the end of interval t, and rt is the root of the general hash tree where the leaves are the new data (i.e., v1, v2, . . . ).
- In other words, the new root Rt+1 is computed based on the old root Rt and the root rt of a new GHT, where the leaves are the hashes of the new log entries. In one embodiment, the work of computing rt is handled by the
untrusted system module 120. At the end of each interval, theuntrusted system module 120 computes rt and transmits to theTCB 110. TheTCB 110 can then compute the new root through one single hash operation; the new root is computed as Rt+1=H0(Rt, rt). TheTCB 110 then removes the old root Rt and stores the new root Rt+1. - The construction of the verification object (VO) is similar to that in the Merkle tree. To prove the authenticity of the data relating to the i-th metadata page, the
untrusted system module 120 returns the siblings of all nodes on the path from Vi to the root, together with the data relating to the i-th metadata page. - To verify the authenticity of the data relating to the i-th metadata page, a verifier in the
untrusted system module 120 can reconstruct the general hash tree and compute the root of the general hash tree. The verifier can then obtain the value of the root obtained from theTCB 110 and compare it with the computed root value. The verifier accepts if and only if these two values match. - Table I below shows the complexity of one embodiment (in the “our app.” row) compared with that of the Merkle tree based approach (in the “MT app.” row), assuming that updates can be batched and the number of updates in a batch is m, the total number of pages in the data structure is N. The verification time and VO size refer to the computation and communication overhead for verifying the correctness of a single page.
-
TABLE I Storage Comm. Comp. Comm. Comp. (TCB) (MS, TCB) (TCB) (MS, Verifier) (Verifier) MT O(1) O(m · log N) O(m · log N) O(log N) O(log N) App. Our O(1) O(1) O(1) O(log N) O(log N) App. -
FIG. 2 illustrates a distributedsystem 200 according to one embodiment. In one embodiment, thesystem 200 is a distributed network, including a plurality of untrusted system modules 1 210 toN 220, and aTCB 110 that authenticates data on all untrusted system modules insystem 200. -
FIG. 4 illustrates a block diagram of anauthentication process 400.Process 400 begins withblock 410 where data is first stored on an untrusted system module, such assystem module 120. Next, inblock 420 authentication data is transmitted to a TCB, such asTCB 110. Inblock 430, a commit operation (as described above) is performed for the authentication data between an untrusted system module and a TCB, such asTCB 110. Therefore data and metadata are stored and the trustworthiness is preserved efficiently by minimizing the resource usage on the TCB. In this embodiment, most of the computations are handled by the untrusted system module. - The embodiments of the invention can take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment containing both hardware and software elements. In a preferred embodiment, the invention is implemented in software, which includes but is not limited to firmware, resident software, microcode, etc.
- Furthermore, the embodiments of the invention can take the form of a computer program product accessible from a computer-usable or computer-readable medium providing program code for use by or in connection with a computer, processing device, or any instruction execution system. For the purposes of this description, a computer-usable or computer readable medium can be any apparatus that can contain, store, communicate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device.
- The medium can be electronic, magnetic, optical, or a semiconductor system (or apparatus or device). Examples of a computer-readable medium include, but are not limited to, a semiconductor or solid state memory, magnetic tape, a removable computer diskette, a RAM, a read-only memory (ROM), a rigid magnetic disk, an optical disk, etc. Current examples of optical disks include compact disk-read only memory (CD-ROM), compact disk-read/write (CD-R/W) and DVD.
- I/O devices (including but not limited to keyboards, displays, pointing devices, etc.) can be connected to the system either directly or through intervening controllers. Network adapters may also be connected to the system to enable the data processing system to become connected to other data processing systems or remote printers or storage devices through intervening private or public networks. Modems, cable modem and Ethernet cards are just a few of the currently available types of network adapters.
- In the description above, numerous specific details are set forth. However, it is understood that embodiments of the invention may be practiced without these specific details. For example, well-known equivalent components and elements may be substituted in place of those described herein, and similarly, well-known equivalent techniques may be substituted in place of the particular techniques disclosed. In other instances, well-known structures and techniques have not been shown in detail to avoid obscuring the understanding of this description.
- Reference in the specification to “an embodiment,” “one embodiment,” “some embodiments,” or “other embodiments” means that a particular feature, structure, or characteristic described in connection with the embodiments is included in at least some embodiments, but not necessarily all embodiments. The various appearances of “an embodiment,” “one embodiment,” or “some embodiments” are not necessarily all referring to the same embodiments. If the specification states a component, feature, structure, or characteristic “may”, “might”, or “could” be included, that particular component, feature, structure, or characteristic is not required to be included. If the specification or claim refers to “a” or “an” element, that does not mean there is only one of the element. If the specification or claims refer to “an additional” element, that does not preclude there being more than one of the additional element.
- While certain exemplary embodiments have been described and shown in the accompanying drawings, it is to be understood that such embodiments are merely illustrative of, and not restrictive on, the broad invention, and that this invention not be limited to the specific constructions and arrangements shown and described, since various other modifications may occur to those ordinarily skilled in the art.
Claims (20)
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US12/388,422 US20100212017A1 (en) | 2009-02-18 | 2009-02-18 | System and method for efficient trust preservation in data stores |
CN2010800068678A CN102308300A (en) | 2009-02-18 | 2010-02-16 | System and method for efficient trust preservation in data stores |
PCT/EP2010/051931 WO2010094685A1 (en) | 2009-02-18 | 2010-02-16 | System and method for efficient trust preservation in data stores |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US12/388,422 US20100212017A1 (en) | 2009-02-18 | 2009-02-18 | System and method for efficient trust preservation in data stores |
Publications (1)
Publication Number | Publication Date |
---|---|
US20100212017A1 true US20100212017A1 (en) | 2010-08-19 |
Family
ID=42124593
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US12/388,422 Abandoned US20100212017A1 (en) | 2009-02-18 | 2009-02-18 | System and method for efficient trust preservation in data stores |
Country Status (3)
Country | Link |
---|---|
US (1) | US20100212017A1 (en) |
CN (1) | CN102308300A (en) |
WO (1) | WO2010094685A1 (en) |
Cited By (26)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20120143830A1 (en) * | 2010-12-02 | 2012-06-07 | At&T Intellectual Property I, L.P. | Interactive proof to validate outsourced data stream processing |
WO2012023122A3 (en) * | 2010-08-20 | 2012-07-26 | Nxp B.V. | Authentication device and system |
US20120233029A1 (en) * | 2011-03-07 | 2012-09-13 | Ricoh Co., Ltd. | Generating printable certificates to verify log authenticity |
US20130198838A1 (en) * | 2010-03-05 | 2013-08-01 | Interdigital Patent Holdings, Inc. | Method and apparatus for providing security to devices |
US8510566B1 (en) * | 2009-09-29 | 2013-08-13 | Emc Corporation | Authentic time-stamping for archival storage |
CN103441845A (en) * | 2013-08-07 | 2013-12-11 | 北京交通大学 | New method for generating Merkle tree signature scheme certification path |
US8621222B1 (en) * | 2008-05-30 | 2013-12-31 | Adobe Systems Incorporated | Archiving electronic content having digital signatures |
US20140082749A1 (en) * | 2012-09-20 | 2014-03-20 | Amazon Technologies, Inc. | Systems and methods for secure and persistent retention of sensitive information |
WO2015018516A1 (en) * | 2013-08-05 | 2015-02-12 | Guardtime Ip Holdings Limited | Document verification with id augmentation |
US20150156026A1 (en) * | 2013-12-02 | 2015-06-04 | Guardtime Ip Holdings Limited | Non-deterministic time systems and methods |
US20160110292A1 (en) * | 2014-10-21 | 2016-04-21 | Samsung Electronics Co., Ltd. | Efficient key collision handling |
US20170075938A1 (en) * | 2015-09-14 | 2017-03-16 | Medici, Inc. | Data Verification Methods And Systems Using A Hash Tree, Such As A Time-Centric Merkle Hash Tree |
WO2018005403A1 (en) * | 2016-06-30 | 2018-01-04 | Microsoft Technology Licensing, Llc | Controlling verification of key-value stores |
WO2018026727A1 (en) * | 2016-08-01 | 2018-02-08 | Cryptowerk Corp. | Computer-implemented method and system of tamper-evident recording of a plurality of service data items |
WO2019025762A1 (en) * | 2017-08-03 | 2019-02-07 | Arm Limited | Counter integrity tree for memory security |
CN109492425A (en) * | 2018-09-30 | 2019-03-19 | 南京中铁信息工程有限公司 | A kind of worm technical application method on a distributed |
US10540297B2 (en) | 2017-08-03 | 2020-01-21 | Arm Limited | Memory organization for security and reliability |
US10733313B2 (en) | 2018-02-09 | 2020-08-04 | Arm Limited | Counter integrity tree for memory security |
US10880260B1 (en) | 2019-06-19 | 2020-12-29 | Etherweb Technologies LLC | Distributed domain name resolution and method for use of same |
EP3759865A4 (en) * | 2018-02-27 | 2021-01-06 | Visa International Service Association | High-throughput data integrity via trusted computing |
US10937083B2 (en) | 2017-07-03 | 2021-03-02 | Medici Ventures, Inc. | Decentralized trading system for fair ordering and matching of trades received at multiple network nodes and matched by multiple network nodes within decentralized trading system |
WO2021096861A1 (en) * | 2019-11-15 | 2021-05-20 | Ent. Services Development Corporation Lp | Systems and methods for automated determination of trust levels associated with regions and securely transporting data between the regions |
US11080433B2 (en) * | 2018-04-29 | 2021-08-03 | Cryptowerk Corp. | Cryptographic data storage |
US11449548B2 (en) | 2019-11-27 | 2022-09-20 | Elasticsearch B.V. | Systems and methods for enriching documents for indexing |
US11609898B2 (en) * | 2020-06-18 | 2023-03-21 | Apple Inc. | Ensuring consistent metadata across computing devices |
US20230086399A1 (en) * | 2019-07-31 | 2023-03-23 | Myndshft Technologies, Inc. | System and method for on-demand data cleansing |
Citations (29)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4309569A (en) * | 1979-09-05 | 1982-01-05 | The Board Of Trustees Of The Leland Stanford Junior University | Method of providing digital signatures |
US6218302B1 (en) * | 1998-07-21 | 2001-04-17 | Motorola Inc. | Method for forming a semiconductor device |
US6411957B1 (en) * | 1999-06-30 | 2002-06-25 | Arm Limited | System and method of organizing nodes within a tree structure |
US6484182B1 (en) * | 1998-06-12 | 2002-11-19 | International Business Machines Corporation | Method and apparatus for publishing part datasheets |
US20020184504A1 (en) * | 2001-03-26 | 2002-12-05 | Eric Hughes | Combined digital signature |
US20040241978A1 (en) * | 2003-05-29 | 2004-12-02 | Chiung-Sheng Hsiung | Interconnection structure and fabrication method thereof |
US6961855B1 (en) * | 1999-12-16 | 2005-11-01 | International Business Machines Corporation | Notification of modifications to a trusted computing base |
US6961858B2 (en) * | 2000-06-16 | 2005-11-01 | Entriq, Inc. | Method and system to secure content for distribution via a network |
US20060059333A1 (en) * | 2004-08-31 | 2006-03-16 | Gentry Craig B | Revocation of cryptographic digital certificates |
US7020635B2 (en) * | 2001-11-21 | 2006-03-28 | Line 6, Inc | System and method of secure electronic commerce transactions including tracking and recording the distribution and usage of assets |
US20060136728A1 (en) * | 2003-08-15 | 2006-06-22 | Gentry Craig B | Method and apparatus for authentication of data streams with adaptively controlled losses |
US7080049B2 (en) * | 2001-09-21 | 2006-07-18 | Paymentone Corporation | Method and system for processing a transaction |
US7090128B2 (en) * | 2003-09-08 | 2006-08-15 | Systems And Software Enterprises, Inc. | Mobile electronic newsstand |
US7107462B2 (en) * | 2000-06-16 | 2006-09-12 | Irdeto Access B.V. | Method and system to store and distribute encryption keys |
US20060202339A1 (en) * | 2005-03-11 | 2006-09-14 | Michaelson Lynne M | Method of forming a semiconductor device having a diffusion barrier stack and structure thereof |
US20060218176A1 (en) * | 2005-03-24 | 2006-09-28 | International Business Machines Corporation | System, method, and service for organizing data for fast retrieval |
US20060249848A1 (en) * | 2005-05-09 | 2006-11-09 | International Business Machines Corporation | Terminal pad structures and methods of fabricating same |
US7150045B2 (en) * | 2000-12-14 | 2006-12-12 | Widevine Technologies, Inc. | Method and apparatus for protection of electronic media |
US20070136341A1 (en) * | 2005-12-13 | 2007-06-14 | Schopp Joel H | Method for balancing binary search trees |
US20080005208A1 (en) * | 2006-06-20 | 2008-01-03 | Microsoft Corporation | Data structure path profiling |
US7395244B1 (en) * | 2004-06-23 | 2008-07-01 | Symantec Corporation | Criticality classification system and method |
US20080172562A1 (en) * | 2007-01-12 | 2008-07-17 | Christian Cachin | Encryption and authentication of data and for decryption and verification of authenticity of data |
US20080194095A1 (en) * | 2007-02-12 | 2008-08-14 | Daubenspeck Timothy H | Undercut-free blm process for pb-free and pb-reduced c4 |
US20090037491A1 (en) * | 2007-07-30 | 2009-02-05 | International Business Machines Corporation | Storage system and method for updating a hash tree |
US7523071B2 (en) * | 2002-09-16 | 2009-04-21 | Yahoo! Inc. | On-line software rental |
US7587502B2 (en) * | 2005-05-13 | 2009-09-08 | Yahoo! Inc. | Enabling rent/buy redirection in invitation to an online service |
US7680937B2 (en) * | 2005-12-22 | 2010-03-16 | Microsoft Corporation | Content publication |
US7711586B2 (en) * | 2005-02-24 | 2010-05-04 | Rearden Corporation | Method and system for unused ticket management |
US7974221B2 (en) * | 2006-01-24 | 2011-07-05 | Brown Universtiy | Efficient content authentication in peer-to-peer networks |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN100452026C (en) * | 2003-12-08 | 2009-01-14 | 李嫚 | Data once writing method and database safety management method based on the same method |
-
2009
- 2009-02-18 US US12/388,422 patent/US20100212017A1/en not_active Abandoned
-
2010
- 2010-02-16 CN CN2010800068678A patent/CN102308300A/en active Pending
- 2010-02-16 WO PCT/EP2010/051931 patent/WO2010094685A1/en active Application Filing
Patent Citations (29)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4309569A (en) * | 1979-09-05 | 1982-01-05 | The Board Of Trustees Of The Leland Stanford Junior University | Method of providing digital signatures |
US6484182B1 (en) * | 1998-06-12 | 2002-11-19 | International Business Machines Corporation | Method and apparatus for publishing part datasheets |
US6218302B1 (en) * | 1998-07-21 | 2001-04-17 | Motorola Inc. | Method for forming a semiconductor device |
US6411957B1 (en) * | 1999-06-30 | 2002-06-25 | Arm Limited | System and method of organizing nodes within a tree structure |
US6961855B1 (en) * | 1999-12-16 | 2005-11-01 | International Business Machines Corporation | Notification of modifications to a trusted computing base |
US6961858B2 (en) * | 2000-06-16 | 2005-11-01 | Entriq, Inc. | Method and system to secure content for distribution via a network |
US7107462B2 (en) * | 2000-06-16 | 2006-09-12 | Irdeto Access B.V. | Method and system to store and distribute encryption keys |
US7150045B2 (en) * | 2000-12-14 | 2006-12-12 | Widevine Technologies, Inc. | Method and apparatus for protection of electronic media |
US20020184504A1 (en) * | 2001-03-26 | 2002-12-05 | Eric Hughes | Combined digital signature |
US7080049B2 (en) * | 2001-09-21 | 2006-07-18 | Paymentone Corporation | Method and system for processing a transaction |
US7020635B2 (en) * | 2001-11-21 | 2006-03-28 | Line 6, Inc | System and method of secure electronic commerce transactions including tracking and recording the distribution and usage of assets |
US7523071B2 (en) * | 2002-09-16 | 2009-04-21 | Yahoo! Inc. | On-line software rental |
US20040241978A1 (en) * | 2003-05-29 | 2004-12-02 | Chiung-Sheng Hsiung | Interconnection structure and fabrication method thereof |
US20060136728A1 (en) * | 2003-08-15 | 2006-06-22 | Gentry Craig B | Method and apparatus for authentication of data streams with adaptively controlled losses |
US7090128B2 (en) * | 2003-09-08 | 2006-08-15 | Systems And Software Enterprises, Inc. | Mobile electronic newsstand |
US7395244B1 (en) * | 2004-06-23 | 2008-07-01 | Symantec Corporation | Criticality classification system and method |
US20060059333A1 (en) * | 2004-08-31 | 2006-03-16 | Gentry Craig B | Revocation of cryptographic digital certificates |
US7711586B2 (en) * | 2005-02-24 | 2010-05-04 | Rearden Corporation | Method and system for unused ticket management |
US20060202339A1 (en) * | 2005-03-11 | 2006-09-14 | Michaelson Lynne M | Method of forming a semiconductor device having a diffusion barrier stack and structure thereof |
US20060218176A1 (en) * | 2005-03-24 | 2006-09-28 | International Business Machines Corporation | System, method, and service for organizing data for fast retrieval |
US20060249848A1 (en) * | 2005-05-09 | 2006-11-09 | International Business Machines Corporation | Terminal pad structures and methods of fabricating same |
US7587502B2 (en) * | 2005-05-13 | 2009-09-08 | Yahoo! Inc. | Enabling rent/buy redirection in invitation to an online service |
US20070136341A1 (en) * | 2005-12-13 | 2007-06-14 | Schopp Joel H | Method for balancing binary search trees |
US7680937B2 (en) * | 2005-12-22 | 2010-03-16 | Microsoft Corporation | Content publication |
US7974221B2 (en) * | 2006-01-24 | 2011-07-05 | Brown Universtiy | Efficient content authentication in peer-to-peer networks |
US20080005208A1 (en) * | 2006-06-20 | 2008-01-03 | Microsoft Corporation | Data structure path profiling |
US20080172562A1 (en) * | 2007-01-12 | 2008-07-17 | Christian Cachin | Encryption and authentication of data and for decryption and verification of authenticity of data |
US20080194095A1 (en) * | 2007-02-12 | 2008-08-14 | Daubenspeck Timothy H | Undercut-free blm process for pb-free and pb-reduced c4 |
US20090037491A1 (en) * | 2007-07-30 | 2009-02-05 | International Business Machines Corporation | Storage system and method for updating a hash tree |
Non-Patent Citations (1)
Title |
---|
White, Ron, How Computers Work, 9th Ed., Que Corporation, November 14, 2007. * |
Cited By (51)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9009477B2 (en) | 2008-05-30 | 2015-04-14 | Adobe Systems Incorporated | Archiving electronic content having digital signatures |
US8621222B1 (en) * | 2008-05-30 | 2013-12-31 | Adobe Systems Incorporated | Archiving electronic content having digital signatures |
US8510566B1 (en) * | 2009-09-29 | 2013-08-13 | Emc Corporation | Authentic time-stamping for archival storage |
US8949997B2 (en) * | 2010-03-05 | 2015-02-03 | Interdigital Patent Holdings, Inc. | Method and apparatus for providing security to devices |
US20130198838A1 (en) * | 2010-03-05 | 2013-08-01 | Interdigital Patent Holdings, Inc. | Method and apparatus for providing security to devices |
US9380024B2 (en) | 2010-03-05 | 2016-06-28 | Interdigital Patent Holdings, Inc. | Method and apparatus for providing security to devices |
WO2012023122A3 (en) * | 2010-08-20 | 2012-07-26 | Nxp B.V. | Authentication device and system |
CN103081399A (en) * | 2010-08-20 | 2013-05-01 | Nxp股份有限公司 | Authentication device and system |
US10042997B2 (en) | 2010-08-20 | 2018-08-07 | Nxp B.V. | Authentication device and system |
US8538938B2 (en) * | 2010-12-02 | 2013-09-17 | At&T Intellectual Property I, L.P. | Interactive proof to validate outsourced data stream processing |
US20120143830A1 (en) * | 2010-12-02 | 2012-06-07 | At&T Intellectual Property I, L.P. | Interactive proof to validate outsourced data stream processing |
US20120233029A1 (en) * | 2011-03-07 | 2012-09-13 | Ricoh Co., Ltd. | Generating printable certificates to verify log authenticity |
US9026474B2 (en) * | 2011-03-07 | 2015-05-05 | Google Inc. | Generating printable certificates to verify log authenticity |
US9424432B2 (en) * | 2012-09-20 | 2016-08-23 | Nasdaq, Inc. | Systems and methods for secure and persistent retention of sensitive information |
US20140082749A1 (en) * | 2012-09-20 | 2014-03-20 | Amazon Technologies, Inc. | Systems and methods for secure and persistent retention of sensitive information |
WO2015018516A1 (en) * | 2013-08-05 | 2015-02-12 | Guardtime Ip Holdings Limited | Document verification with id augmentation |
CN103441845A (en) * | 2013-08-07 | 2013-12-11 | 北京交通大学 | New method for generating Merkle tree signature scheme certification path |
US20150156026A1 (en) * | 2013-12-02 | 2015-06-04 | Guardtime Ip Holdings Limited | Non-deterministic time systems and methods |
US9178708B2 (en) * | 2013-12-02 | 2015-11-03 | Guardtime Ip Holdings Limited | Non-deterministic time systems and methods |
US20160110292A1 (en) * | 2014-10-21 | 2016-04-21 | Samsung Electronics Co., Ltd. | Efficient key collision handling |
US9846642B2 (en) * | 2014-10-21 | 2017-12-19 | Samsung Electronics Co., Ltd. | Efficient key collision handling |
CN108292351A (en) * | 2015-09-14 | 2018-07-17 | 缇零网股份有限公司 | Use the data verification method and system of the Hash tree of such as time-centered Merkel's Hash tree etc |
US10303887B2 (en) * | 2015-09-14 | 2019-05-28 | T0.Com, Inc. | Data verification methods and systems using a hash tree, such as a time-centric merkle hash tree |
US10831902B2 (en) | 2015-09-14 | 2020-11-10 | tZERO Group, Inc. | Data verification methods and systems using a hash tree, such as a time-centric Merkle hash tree |
WO2017048630A1 (en) * | 2015-09-14 | 2017-03-23 | Medici, Inc. | Data verification methods and systems using a hash tree, such as a time-centric merkle hash tree |
US20170075938A1 (en) * | 2015-09-14 | 2017-03-16 | Medici, Inc. | Data Verification Methods And Systems Using A Hash Tree, Such As A Time-Centric Merkle Hash Tree |
US10396991B2 (en) * | 2016-06-30 | 2019-08-27 | Microsoft Technology Licensing, Llc | Controlling verification of key-value stores |
CN109643359A (en) * | 2016-06-30 | 2019-04-16 | 微软技术许可有限责任公司 | Control key-value storage verifying |
WO2018005403A1 (en) * | 2016-06-30 | 2018-01-04 | Microsoft Technology Licensing, Llc | Controlling verification of key-value stores |
WO2018026727A1 (en) * | 2016-08-01 | 2018-02-08 | Cryptowerk Corp. | Computer-implemented method and system of tamper-evident recording of a plurality of service data items |
US11907406B2 (en) * | 2016-08-01 | 2024-02-20 | Cryptowerk Corp. | Computer-implemented method and system of tamper-evident recording of a plurality of service data items |
US11948182B2 (en) | 2017-07-03 | 2024-04-02 | Tzero Ip, Llc | Decentralized trading system for fair ordering and matching of trades received at multiple network nodes and matched by multiple network nodes within decentralized trading system |
US10937083B2 (en) | 2017-07-03 | 2021-03-02 | Medici Ventures, Inc. | Decentralized trading system for fair ordering and matching of trades received at multiple network nodes and matched by multiple network nodes within decentralized trading system |
WO2019025762A1 (en) * | 2017-08-03 | 2019-02-07 | Arm Limited | Counter integrity tree for memory security |
KR102532395B1 (en) | 2017-08-03 | 2023-05-15 | 에이알엠 리미티드 | Counter Integrity Tree for Memory Security |
US10540297B2 (en) | 2017-08-03 | 2020-01-21 | Arm Limited | Memory organization for security and reliability |
KR20200031671A (en) * | 2017-08-03 | 2020-03-24 | 에이알엠 리미티드 | Counter integrity tree for memory security |
US10733313B2 (en) | 2018-02-09 | 2020-08-04 | Arm Limited | Counter integrity tree for memory security |
EP3759865A4 (en) * | 2018-02-27 | 2021-01-06 | Visa International Service Association | High-throughput data integrity via trusted computing |
US11140134B2 (en) | 2018-02-27 | 2021-10-05 | Visa International Service Association | High-throughput data integrity via trusted computing |
US11848914B2 (en) | 2018-02-27 | 2023-12-19 | Visa International Service Association | High-throughput data integrity via trusted computing |
US11080433B2 (en) * | 2018-04-29 | 2021-08-03 | Cryptowerk Corp. | Cryptographic data storage |
CN109492425A (en) * | 2018-09-30 | 2019-03-19 | 南京中铁信息工程有限公司 | A kind of worm technical application method on a distributed |
US11677712B2 (en) | 2019-06-19 | 2023-06-13 | Etherweb Technologies LLC | Distributed domain name resolution and method for use of same |
US10880260B1 (en) | 2019-06-19 | 2020-12-29 | Etherweb Technologies LLC | Distributed domain name resolution and method for use of same |
US20230086399A1 (en) * | 2019-07-31 | 2023-03-23 | Myndshft Technologies, Inc. | System and method for on-demand data cleansing |
US11921685B2 (en) * | 2019-07-31 | 2024-03-05 | Myndshft Technologies, Inc. | System and method for on-demand data cleansing |
WO2021096861A1 (en) * | 2019-11-15 | 2021-05-20 | Ent. Services Development Corporation Lp | Systems and methods for automated determination of trust levels associated with regions and securely transporting data between the regions |
US11689572B2 (en) | 2019-11-15 | 2023-06-27 | Ent. Services Development Corporation Lp | Systems and methods for inventory management using prime numbers |
US11449548B2 (en) | 2019-11-27 | 2022-09-20 | Elasticsearch B.V. | Systems and methods for enriching documents for indexing |
US11609898B2 (en) * | 2020-06-18 | 2023-03-21 | Apple Inc. | Ensuring consistent metadata across computing devices |
Also Published As
Publication number | Publication date |
---|---|
CN102308300A (en) | 2012-01-04 |
WO2010094685A1 (en) | 2010-08-26 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20100212017A1 (en) | System and method for efficient trust preservation in data stores | |
US8055635B2 (en) | System and method for verifying the integrity and completeness of records | |
Erway et al. | Dynamic provable data possession | |
US20200159697A1 (en) | Immutable ledger with efficient and secure data destruction, system and method | |
US7996679B2 (en) | System and method for performing a trust-preserving migration of data objects from a source to a target | |
Snodgrass et al. | Tamper detection in audit logs | |
KR100829977B1 (en) | Method for ensuring the integrity of a data record set | |
US20080104407A1 (en) | Audit-log integrity using redactable signatures | |
US20080059420A1 (en) | System and Method for Providing a Trustworthy Inverted Index to Enable Searching of Records | |
US11907199B2 (en) | Blockchain based distributed file systems | |
US20050234909A1 (en) | Method, computer program product, and data processing system for source verifiable audit logging | |
Zheng et al. | Efficient query integrity for outsourced dynamic databases | |
US11256662B2 (en) | Distributed ledger system | |
US20200117439A1 (en) | Systems and Methods for Reinforced Update Package Authenticity | |
US11868339B2 (en) | Blockchain based distributed file systems | |
Antonopoulos et al. | SQL ledger: Cryptographically verifiable data in azure SQL database | |
CN113886841A (en) | Credible tracing method for cloud data operation behaviors | |
Uroz et al. | On challenges in verifying trusted executable files in memory forensics | |
CN116467388A (en) | System and method for maintaining consistency of shared files based on blockchain | |
Hwang et al. | Proof of violation for trust and accountability of cloud database systems | |
Burns et al. | Verifiable audit trails for a versioning file system | |
Sion et al. | Fighting mallory the insider: Strong write-once read-many storage assurances | |
Morovat et al. | Verifying integrity of big data in cloud databases | |
CN115439118B (en) | Digital certificate storage management method based on blockchain | |
US20240111884A1 (en) | Authenticating a File System Within Untrusted Storage |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: INTERNATIONAL BUSINESS MACHINES CORPORATION, NEW Y Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:LI, TIANCHENG;MA, XIAONAN;REEL/FRAME:022278/0696 Effective date: 20080821 |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NON FINAL ACTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: FINAL REJECTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: RESPONSE AFTER FINAL ACTION FORWARDED TO EXAMINER |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: ADVISORY ACTION MAILED |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |